Zero day dropped: MacOS kernel flaw enables full system compromise

Security Digest Information security news and advice from TechTarget's network |January 3, 2018 FEATURED STORY IOHIDeous is a macOS zero-day for the New Year by Michael Heller, Senior Reporter A newly discovered macOS zero-day flaw called IOHIDeous affects all versions of Apple's desktop operating system and can allow for full system compromise. (SearchSecurity.com) Advertisement NEWS   Browser login managers allow tracking scripts to steal credentials News roundup: Login managers enable the exposure of user credentials in over 1,000 websites. Plus, Mozilla patched a critical vulnerability in Thunderbird, and more. (SearchSecurity.com)   Risk & Repeat: Cybersecurity predictions for 2018 In this week's Risk & Repeat podcast, SearchSecurity editors offer their cybersecurity predictions for 2018, including forecasts for cryptojacking, DDoS attacks and other threats. (SearchSecurity.com)   After 2017, data breach fatigue should be a thing of the past Data breach fatigue should be put on hold after the Equifax data breach and Uber hack taught us painful lessons about enterprise security shortcomings. (SearchSecurity.com)   Official TLS 1.3 release date: Still waiting, and that's OK Protocol scrutiny is good for the upcoming TLS 1.3 update as the process continues to expose, and fix, problems with the latest version of Transport Layer Security. (SearchSecurity.com) EXPERT ADVICE   How automated incident response can help security Automated incident response can benefit security both in the cloud and in traditional settings. Expert Dave Shackleford explains what it can be used for and how it helps. (SearchSecurity.com)   Broadpwn flaw: How does the new iOS exploit compare? An iOS exploit similar to the Broadpwn flaw was recently developed by a researcher at Google's Project Zero. Expert Kevin Beaver explains what the exploit is and how it works. (SearchSecurity.com)   How to handle configuration management in the cloud without issue Not handling configuration management in the cloud correctly can unintentionally expose sensitive enterprise data. Expert Ed Moyle explains how to make sure this doesn't happen. (SearchcloudSecurity.com)   Can a decentralized open source community properly address security? SearchSecurity talks with UC Berkeley Professor Steven Weber about the open source community, the security challenges facing it and the prospect of software liability. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2017 TechTarget. All rights reserved.